diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-25 20:33:34 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-25 20:33:34 +0100 |
commit | 7d45040becd71b7dc1ad661e31d98dd39ec957a9 (patch) | |
tree | 6a3409569b86fcfbad0e87c7ee9364446f6cb214 | |
parent | 301596d1d20ec04db8791fcadfef24c3982b782a (diff) |
Try to further clarify why unclear status for znuny
-rw-r--r-- | data/CVE/list | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index ed672a80a4..50412e0c2a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -47149,26 +47149,28 @@ CVE-2021-36096 (Generated Support Bundles contains private S/MIME and PGP keys i NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-10/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) NOTE: CVE-2021-36096 is an update from the original CVE-2021-21440. - TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase, cf. https://github.com/znuny/Znuny/issues/128 CVE-2021-36095 (Malicious attacker is able to find out valid user logins by using the ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) [stretch] - otrs2 <no-dsa> (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-18/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) + TODO: try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt CVE-2021-36094 (It's possible to craft a request for appointment edit screen, which co ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) [stretch] - otrs2 <no-dsa> (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-17/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) - TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase, https://github.com/znuny/Znuny/issues/128 CVE-2021-36093 (It's possible to create an email which can be stuck while being proces ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) [stretch] - otrs2 <no-dsa> (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-16/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) + TODO: try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt CVE-2021-36092 (It's possible to create an email which contains specially crafted link ...) - otrs2 <undetermined> NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-15/ |